CVE-2023-27990

A cross-site scripting (XSS) vulnerability in Zyxel ATP series firmware versions 4.32 through 5.35, USG FLEX series firmware versions 4.50 through 5.35, USG FLEX 50(W) firmware versions 4.16 through 5.35, USG20(W)-VPN firmware versions 4.16 through 5.35, and VPN series firmware versions 4.30 through 5.35 could allow an authenticated attacker with administrator privileges to store malicious scripts in a vulnerable device. A successful XSS attack could then result in the stored malicious scripts being executed when the user visits the Logs page of the GUI on the device.

Configurations

Configuration 1

AND
cpe:2.3:h:zyxel:atp200:-:*:*:*:*:*:*:*
cpe:2.3:o:zyxel:atp200_firmware:*:*:*:*:*:*:*:*

Configuration 2

AND
cpe:2.3:o:zyxel:atp100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp100:-:*:*:*:*:*:*:*

Configuration 3

AND
cpe:2.3:o:zyxel:atp700_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp700:-:*:*:*:*:*:*:*

Configuration 4

AND
cpe:2.3:o:zyxel:atp500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp500:-:*:*:*:*:*:*:*

Configuration 5

AND
cpe:2.3:o:zyxel:atp100w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp100w:-:*:*:*:*:*:*:*

Configuration 6

AND
cpe:2.3:o:zyxel:atp800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:atp800:-:*:*:*:*:*:*:*

Configuration 7

AND
cpe:2.3:o:zyxel:usg_flex_100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_100:-:*:*:*:*:*:*:*

Configuration 8

AND
cpe:2.3:o:zyxel:usg_flex_50_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_50:-:*:*:*:*:*:*:*

Configuration 9

AND
cpe:2.3:o:zyxel:usg_flex_200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_200:-:*:*:*:*:*:*:*

Configuration 10

AND
cpe:2.3:o:zyxel:usg_flex_500_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_500:-:*:*:*:*:*:*:*

Configuration 11

AND
cpe:2.3:o:zyxel:usg_flex_700_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_700:-:*:*:*:*:*:*:*

Configuration 12

AND
cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_100w:-:*:*:*:*:*:*:*

Configuration 13

AND
cpe:2.3:o:zyxel:usg_20w-vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_20w-vpn:-:*:*:*:*:*:*:*

Configuration 14

AND
cpe:2.3:o:zyxel:usg_flex_50w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg_flex_50w:-:*:*:*:*:*:*:*

Configuration 15

AND
cpe:2.3:o:zyxel:usg20-vpn_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:usg20-vpn:-:*:*:*:*:*:*:*

Configuration 16

AND
cpe:2.3:o:zyxel:vpn100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:vpn100:-:*:*:*:*:*:*:*

Configuration 17

AND
cpe:2.3:o:zyxel:vpn1000_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:vpn1000:-:*:*:*:*:*:*:*

Configuration 18

AND
cpe:2.3:o:zyxel:vpn300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:vpn300:-:*:*:*:*:*:*:*

Configuration 19

AND
cpe:2.3:o:zyxel:vpn50_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:vpn50:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2023-04-24 18:15

Updated : 2024-02-02 17:08


NVD link : CVE-2023-27990

Mitre link : CVE-2023-27990

CVE.ORG link : CVE-2023-27990


Products Affected

zyxel

  • usg_flex_500
  • atp200
  • vpn1000_firmware
  • usg_flex_50_firmware
  • usg_flex_100w_firmware
  • vpn100
  • usg_flex_700_firmware
  • usg_flex_100w
  • usg_flex_200_firmware
  • usg20-vpn_firmware
  • atp500_firmware
  • usg_flex_100_firmware
  • atp200_firmware
  • usg_flex_50w_firmware
  • vpn50_firmware
  • usg_flex_200
  • atp100w_firmware
  • usg_20w-vpn
  • atp700
  • atp800_firmware
  • usg_flex_700
  • atp100
  • vpn1000
  • usg_flex_50
  • usg_20w-vpn_firmware
  • vpn50
  • atp100_firmware
  • vpn100_firmware
  • atp100w
  • usg_flex_100
  • atp700_firmware
  • usg_flex_500_firmware
  • atp800
  • usg20-vpn
  • atp500
  • vpn300_firmware
  • usg_flex_50w
  • vpn300
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')